2 matches found
CVE-2022-28471
In ffjpeg commit hash: caade60, the function bmpload in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfifencode in jfif.c. This is due to the incomplete patch for issue 38...
CVE-2022-28471
CVE-2022-28471 affects ffjpeg. The issue is in bmp_load() in bmp.c, where an integer overflow leads to a heap overflow in jfif_encode() in jfif.c, due to an incomplete patch for issue 38. Documents consistently name the vulnerable chain (bmp_load overflow → heap overflow in jfif_encode) and attri...